Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
341
Views
0
Helpful
4
Replies

FWSM and PIX 535 migration and differences

jeff.vargas
Level 1
Level 1

‎10-05-2006 09:14 AM - edited ‎02-21-2020 01:13 AM

I'm migrating my PIX 535 config to a new FWSM and have come across some subtle differences. For instance, I have to apply a permit for ICMP to the interfaces and secondly all traffic does not seem to be allowed from inside to outside by default. Does anyone know of a document that outlines these differences?

Thanks,

0 Helpful
4 Replies 4

thomas.chen
Level 6
Level 6

‎10-11-2006 10:59 AM

What is the version of software which you are using ?

0 Helpful

jeff.vargas
Level 1
Level 1
In response to thomas.chen

‎10-16-2006 12:50 PM

Sorry for the late reply, I hope you read this. I'm on 2.3.4

0 Helpful

varakantam
Level 1
Level 1
In response to jeff.vargas

‎10-16-2006 04:39 PM

ICMP to the interfaces is disabled by default.

Unlike PIX, FWSM does not allow default flow of traffic. You need to explicitly define rules for the traffic to flow.

0 Helpful

Fernando_Meza
Level 7
Level 7
In response to varakantam

‎10-16-2006 07:14 PM

Yes .. and also for getting ICMp to traverse the firewall module you need to enabled icmp inspection

fixup protocol icmp

fixup protocol icmp error

http://cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_book09186a00802c303c.html

more details can be found on the admin guide

I hope it helps .. please rate it it does !!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card